Cisco ASA Vulnerability Exploited After Publication of Exploits

Threat actors are actively exploiting a recently patched vulnerability in Cisco Adaptive Security Appliance (ASA) software. The vulnerability (CVE-2018-0296) allows a threat actor to use directory traversal techniques to view sensitive information without authentication. Exploitation of this vulnerability, however, also triggers the affected device to reload unexpectedly, ultimately crashing the device and causing a denial-of-service (DOS) condition. Attempts to exploit the ASA flaw appear to coincide with two proof-of-concept (PoC) exploits released over the last month. The NJCCIC recommends all users of Cisco ASA software review Cisco’s security advisory and apply the necessary updates.

AlertNJCCICCisco, DoS